But the subject isn't risk evaluation, it's the idea of a "score" where using NatSec state zero days get positive points for saving lives and saving money, and negative points for when terrorists use leaked zerodays or take advantage of unfixed holes.
The claim was "any terrorist attack using these proves it's a net loss"
My response was "the classified nature of positive points doesn't invalidate positive points, and you cannot call it a net loss without a full accounting"
Now it's just devolved into a game of hypotheticals where people try to disprove the idea of a full accounting by creating even sillier terrorist scenarios?
The claim was "any terrorist attack using these proves it's a net loss"
My response was "the classified nature of positive points doesn't invalidate positive points, and you cannot call it a net loss without a full accounting"
Now it's just devolved into a game of hypotheticals where people try to disprove the idea of a full accounting by creating even sillier terrorist scenarios?